IT Security Assurance Analyst

IT Security Assurance Analyst

Cyber Security Analyst Mid 2

Job title: IT Security Assurance Analyst

Location: Sofia

Overview of the role:

We are looking for an IT Security Assurance Specialist to join our growing Information Security team within the PokerStars Division of Flutter Entertainment PLC.

The IT Security Assurance Specialist will play an important role in managing and improving of our ISMS, related policies, standard and processes. You will be part of a team that strives to protect our customers while keeping their great experience at the highest levels set by our brands. The team interacts with all company divisions, keeping close watch on their projects and making vital contributions to their efforts to address player needs in creating the best possible experience.

This role follows a hybrid approach to working, allowing you to combine working from home with working in our modern offices. These discussions are between you and your manager to find the best pattern for you both, while recognising that quality time together is essential for keeping us mission-aligned.

Our teams work from a lively location nestled within this historic city. Enjoy the best of both worlds with winter and summer offices, tantalizing free snacks and a gaming paradise for endless entertainment.

What you’ll do:

The Information Security Team within International is on a journey to increase its capability and maturity. To do this, we need to evolve how the team works whilst also initiating and tracking several key programmes of work. These programmes of work include the expansion of an existing Information Security Management System (ISMS). The information security function exists to ensure that the products we build for our players are secure and to protect all the sensitive information assets that we hold. We also provide assurance and oversight of technology-related Risk across our Technology function. Working in a highly regulated environment the Governance, Risk and Compliance function within Information Security plays a vital part in assuring Information Security and Technology controls are documented, well-managed and are operating in compliance with both internal and external requirements.

You will be part of the team responsible for the development and management of the PokerStars Information Security Management System (ISMS). The team will ensure the transition to ISO 27001:2022 and will also be responsible for the continuous improvement of the ISMS and related controls.

You will assure the implementation and delivery of the ISMS framework and associated tooling and processes. You will also participate in the creation of, and deliver actions against, a programme of continual improvement and efficiencies in this space.

The team will maintain and review all ISMS policies, standards and other core ISMS framework documents such as the Statement of Applicability (SOA), for all in-scope departments and ensure they are all regularly updated.

Creating, managing and maintaining an evidence library used to demonstrate our compliance against the ISMS controls is part of this role.

Managing the collection of and delivering a set of continuously improved ISMS metrics measuring the effectiveness and health of the ISMS is also a responsibility of this role and function. Using these metrics, you will support the creation and delivery of regular reports on the performance of the ISMS.

Ongoing collaboration with collaborators from PokerStars and Flutter Group is vital to the smooth operation and continuous improvement of the ISMS.

You must have excellent collaborator management, relationship building, and persuading and influencing skills.

You will play a huge part in our growing Information Security Governance, Risk and Compliance team.You will have a solid focus on developing and maintaining the ISMS while also having experience in Exception Management and Audit activities.

What you’ll bring:

• Proven experience in Cyber Security Global Risk and compliance roles preferably within large/multi-national organization;

• Demonstrable experience in maintaining an ISO 27001-certified ISMS within a global and complex technical environment.

• Experience that can be evidenced in a technical/information security control, risk management, and audit-related role.

• Experience in a highly regulated industry that can be demonstrated.

• A good understanding of all aspects of Information Technology and how this works within a large global organisation.

• Working with internal and external partners at all levels to achieve results, you will need excellent relationship building skills.

• You have familiarity of managing and driving ISMS-related activities, risk management and assurance/compliance reviews, audits and all aspects of Technology and IT security compliance.

• You will have experience of working within an Information Security Management System.

• Communicating information technology and information security control and risk management processes to the business, technology departments and partners, and supporting provision of security assurance at all levels of the enterprise.

• Helping develop and maintain an ISMS and appropriate Risk Management and Assurance processes.

Your skills:

• Familiarity with IT and Information Security standards (NIST CSF 2.0, ISO 27001, CIS benchmarks etc).

• Knowledge of security principles, technologies, and frameworks.

• Knowledge of the role of Security within the Software Development Life Cycle.

• A great teammate who is willing to share knowledge and mentor colleagues, who is approachable and willing to assist at any time.

• Excellent time management skills

• Self-motivated and driven to continuously improve areas of responsibility.

• Excellent report building skills with various office products (Excel, Power Point, Visio, etc)

• Knowledge of vulnerability scanning tools.

• Document and evidence management within SharePoint/Confluence will be considered an advantage.

• A formal qualification/certification such as ISO 27001:2022 lead implementer or lead auditor, CRISC, CISM, CISA, CISSP are a strong plus.

• Experience working within the online gambling industry and experience of gambling regulatory requirements will be considered an advantage.

• Knowledge of ITIL and Agile methodology will be considered an advantage.

• Knowledge how to use and maintain GRC tools will be considered an advantage.

Requirements:

You're a problem solver, helping craft usable and repeatable processes and solutions. You’re a team player and happy to take ownership and responsibility. You have a natural ability when working across teams and functions to persuade and influence others. You have a desire to deliver results. You excel in communication and can build successful relationships with business owners and product teams, project managers, IT teams, Legal and Compliance and Risk functions. You enjoy working in a dynamic, collaborative, transparent, non-hierarchal culture. You thrive in a fast-paced, outcome driven organisation.

It’s ok if you don’t think you tick every box on this list. We love people who want to challenge themselves and are passionate about what they do. If you believe you can contribute in some areas and are eager to learn, we encourage you to apply.

Why choose us:

Aside from a generous base salary, we have a fantastic benefits & rewards program that is designed to encourage personal and career development.

• Discretionary annual performance bonus
• 30 days paid leave
• Health and Dental Insurance for you, your partner and your children (if you all live at the same address)
• Personal life insurance and disability coverage
• A personal interest allowance to let you learn something new or pursue a hobby
• External learning support of up to £2,000 or equivalent in local currency, dedicated 4 learning “Power Hours” every month during office time, full access to the Udemy and Mindtools platforms, in-house leadership program and many other training opportunities for developing your skills and progressing your career
• Looking to extend your family? You will receive a cash gift of 1,000 BGN for your new addition whilst working for us
• 26 weeks primary carer leave at 100% pay & 4 weeks secondary carer leave pay at 100% pay
• A sports’ card membership valid across the country
• Discounts as a compliment form us among different services
• Monthly food vouchers
• Free snacks, fruits and drinks in the office

Equal opportunities:

At Flutter International we are committed to creating an inclusive environment where our people can be their authentic selves and thrive. We embrace and celebrate diversity, respecting all our uniqueness and differences.

We welcome you to let us know whether you have any accessibility needs. All you need to do is email us at talent@flutterint.com. Your journey with us is focused on ensuring you have what you need to be your best self.

Learn more about the works we are doing on Inclusion and Belonging here:

https://careers.flutterinternational.com/working-at-flutter-international/diversity-equity-inclusion/

The group:

PokerStars is a proud member of the Flutter Entertainment family, a global leader in sports betting, iGaming, and entertainment. We're not just another company; we're listed on both the prestigious FTSE 100 index on the London Stock Exchange and the New York Stock Exchange (NYSE). What sets us apart is our world class brands, cutting-edge products, and our International division includes our operations in over 100 global markets and offers sports betting, casino, poker, rummy and lottery, mainly online. What truly defines us is our commitment to ensuring that the excitement of gaming and entertainment is experienced in a responsible and sustainable way. Our remarkable team of over 8,000 colleagues drives this vision, spread across 28 offices worldwide.